Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump org.apache.httpcomponents.core5:httpcore5 from 5.1.5 to 5.2.2 #549

Closed
wants to merge 2 commits into from
Closed

Bump org.apache.httpcomponents.core5:httpcore5 from 5.1.5 to 5.2.2 #549

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 3, 2023
edited
Loading

Bumps org.apache.httpcomponents.core5:httpcore5 from 5.1.5 to 5.2.2.

Changelog

Sourced from org.apache.httpcomponents.core5:httpcore5's changelog.

Release 5.2.2

This is a maintenance release that corrects several defects discovered since release 5.2.1 including a major defect that can cause HTTP/2 connections allocate excessive amount of memory for their output frame buffer if the opposite endpoint transmits a high value of MAX_FRAME_SIZE in its settings.

Change Log

  • HTTPCORE-752: I/O reactor fails to initialize socket timeout for TLS connections correctly resulting in infinite (no timeout) by default. Contributed by Oleg Kalnichevski

  • HTTPCORE-751: H2 protocol handler always resizes the output frame buffer to the remove MAX_FRAME_SIZE instead of doing so only then the remote MAX_FRAME_SIZE is lesser than the current MAX_FRAME_SIZE (partially reverts HTTPCORE-707). Contributed by Oleg Kalnichevski

  • HTTPCORE-750: Fixed a defect causing AbstractIOSessionPool to create multiple connections under high load at initialization time due to a race condition. Contributed by Oleg Kalnichevski

  • Handle UnsupportedOperationException in getApplicationProtocol. Contributed by Arturo Bernal

  • HTTPCORE-742: BasicHttpRequest#setUri does not correctly reset internal state. Contributed by Oleg Kalnichevski

  • HTTPCORE-733: BasicAsyncEntityProducer sends an extra trailing 0 with UTF-8 encoded content Contributed by Oleg Kalnichevski

  • Do not duplicate the HttpMessage instance variable slot in subclasses of AbstractMessageWrapper. Contributed by Gary Gregory

Release 5.2.1

This is a maintenance release that corrects several minor defects discovered since release 5.2 and fixes SOCKS proxy protocol support in the async transport.

Change Log

  • HTTPCLIENT-2248: Fixed broken TLS over SOCKS. Contributed by Oleg Kalnichevski

... (truncated)

Commits
  • 8cd0f01 HttpCore 5.2.2 release
  • f73dd56 Updated release notes for HttpCore 5.2.2 release
  • 6f82d1c HTTPCORE-752: I/O reactor fails to initialize socket timeout for TLS connecti...
  • 4f5bbaf Bump rxjava from 3.1.5 to 3.1.6
  • 3ab9d95 HTTPCORE-751: H2 protocol handler always resizes the output frame buffer to t...
  • a091322 HTTPCORE-750: Fixed a defect causing AbstractIOSessionPool to create multiple...
  • 1b9871c Handle UnsupportedOperationException in getApplicationProtocol.
  • 9f8cdb1 [HTTPCORE-745] ContentType.create(String, NameValuePair...) should make (#404)
  • 0311043 Bump junit-bom from 5.9.1 to 5.9.3
  • 7376337 HTTPCORE-742: BasicHttpRequest#setUri does not correctly reset internal state
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump org.apache.httpcomponents.core5:httpcore5 from 5.1.5 to 5.2.2
5253782 
Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.1.5 to 5.2.2.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/master/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.1.5...rel/v5.2.2)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependabot dependencies Pull requests that update a dependency file labels Jul 3, 2023
@dependabot
Update changelog
07e6594 
Signed-off-by: dependabot[bot] <support@github.com>
reta
reta reviewed Jul 4, 2023
View reviewed changes
java-client/build.gradle.kts
@@ -152,8 +152,8 @@ dependencies {
testImplementation("org.opensearch.test", "framework", opensearchVersion)

api("org.apache.httpcomponents.client5:httpclient5:5.1.4")
api("org.apache.httpcomponents.core5:httpcore5:5.1.5")
api("org.apache.httpcomponents.core5:httpcore5-h2:5.1.5")
api("org.apache.httpcomponents.core5:httpcore5:5.2.2")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Xtansia we may need to update httpclient5 & httpcore5 at the same time

@Yury-Fridlyand Yury-Fridlyand mentioned this pull request Jul 5, 2023
Merged
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 5, 2023

Looks like org.apache.httpcomponents.core5:httpcore5 is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Jul 5, 2023
@dependabot dependabot bot deleted the dependabot/gradle/org.apache.httpcomponents.core5-httpcore5-5.2.2 branch July 5, 2023 18:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reta reta reta left review comments

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar Bukhtawar is a code owner

@dblock dblock Awaiting requested review from dblock dblock is a code owner

@szczepanczykd szczepanczykd Awaiting requested review from szczepanczykd szczepanczykd is a code owner

@madhusudhankonda madhusudhankonda Awaiting requested review from madhusudhankonda madhusudhankonda is a code owner

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@VachaShah VachaShah Awaiting requested review from VachaShah VachaShah is a code owner

Assignees
No one assigned
Labels
dependabot dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@reta